Premature Ajax-ulations: Ajax Security… It’s Still The Web
[17 Sep 2007|05:41am]
09:03 13.09.2007
Bryan Sullivan and Billy Hoffman gave a talk entitled Premature Ajax-ulations that came out of their work looking at Ajax applications, and seeing if they are secure.
They came to the common conclusion that Ajax is not inherently insecure, but ignoring security makes it so:
"The extra attack surface from Ajax is not from anything in the architecture but because you're adding functionality," Sullivan said. As your mouse glides smoothly over a Google Map, the application behind it is hard at work, constantly sending messages back and forth from the server to the client.
"Ajax is really cool. You just have to pay an extra price for the extra functionality," Sullivan said. That "extra price" includes following basic application security best practices and cultivating communication among development, QA and testing teams. Many of those security practices should already be familiar.
White Hat Security also concluded that Ajax doesn't cause a larger attack surface.
Of course, Jeremiah Grossman of White Hat Security also scared developers out of their minds when he showed various tricks at The Ajax Experience in San Francisco recently.
read more at Ajaxian
replaceHTML for when innerHTML dogs you down
[17 Sep 2007|05:41am]
12:04 13.09.2007
Steven Levithan, of RegexPal, ran into performance issues with innerHTML because "every keydown event potentially triggers the destruction and creation of thousands of elements", so he started to look into it.
He has a test page that demonstrates the issue. Here are some sample results:
1000 elements...
innerHTML (destroy only): 156ms
innerHTML (create only): 15ms
innerHTML (destroy & create): 172ms
replaceHtml (destroy only): 0ms (faster)
replaceHtml (create only): 15ms (~ same speed)
replaceHtml (destroy & create): 15ms (11.5x faster)
15000 elements...
innerHTML (destroy only): 14703ms
innerHTML (create only): 250ms
innerHTML (destroy & create): 14922ms
replaceHtml (destroy only): 31ms (474.3x faster)
replaceHtml (create only): 250ms (~ same speed)
replaceHtml (destroy & create): 297ms (50.2x faster)
The code for his replaceHTML is:
JAVASCRIPT:
/* This is much faster than using (el.innerHTML = str) when there are many
   existing descendants, because in some browsers, innerHTML spends much longer
   removing existing elements than it does creating new ones. */
function replaceHtml(el, html) {
    var oldEl = (typeof el === "string" ? document.getElementById(el) : el);
    var newEl = document.createElement(oldEl.nodeName);
    // Preserve the element's id and class (other properties are lost)
    newEl.id = oldEl.id;
    newEl.className = oldEl.className;
    // Replace the old with the new
    newEl.innerHTML = html;
    oldEl.parentNode.replaceChild(newEl, oldEl);
    /* Since we just removed the old element from the DOM, return a reference
       to the new element, which can be used to restore variable references. */
    return newEl;
}
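A security caveat worth pairing with this technique, as an added example that is not from Levithan's RegexPal code: replaceHtml hands its string to innerHTML, so the browser parses it as markup, and any user-supplied text in that string (search matches, for instance) has to be escaped first or it becomes a script-injection point. The helper names escapeHtml, renderMatches, onlyTrustedTags and showMatches are hypothetical, and the sample matches are constructed.

```javascript
// Added example, not from Steven Levithan's RegexPal code. replaceHtml passes
// its string to innerHTML, so the browser parses it as markup: any untrusted
// text inside it must be escaped. escapeHtml, renderMatches, onlyTrustedTags and
// showMatches are hypothetical names; sampleMatches is constructed input.

var HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };

// Escape the characters that can open a tag, attribute or entity in markup.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, function (ch) { return HTML_ESCAPES[ch]; });
}

// Build the markup for a list of matches. The tags are fixed and trusted;
// each match is untrusted text and is escaped before insertion.
function renderMatches(matches) {
  var out = "";
  for (var i = 0; i < matches.length; i++) {
    out += '<span class="match">' + escapeHtml(matches[i]) + "</span>";
  }
  return out;
}

// True if the rendered string contains only the tags renderMatches emits.
function onlyTrustedTags(html) {
  return html.replace(/<span class="match">|<\/span>/g, "").indexOf("<") === -1;
}

// Browser-only: swap the element instead of clearing it, as replaceHtml does,
// but with escaped content. Returns null when there is no DOM.
function showMatches(el, matches) {
  if (typeof document === "undefined") return null;
  var oldEl = (typeof el === "string" ? document.getElementById(el) : el);
  var newEl = document.createElement(oldEl.nodeName);
  newEl.id = oldEl.id;
  newEl.className = oldEl.className;
  newEl.innerHTML = renderMatches(matches);
  oldEl.parentNode.replaceChild(newEl, oldEl);
  return newEl;
}

// Constructed sample: one match that would be parsed as a script tag if unescaped.
var sampleMatches = ["foo", "<script>alert(1)</script>", "a&b", 'x="y"'];
```

The escaping happens at the point where untrusted text meets markup, not on input, so the same text can still be used unescaped elsewhere (for regex matching, for example) without double-encoding problems.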
read more at Ajaxian
Kaazing: Enterprise Comet for Real Time Web 2.0
[17 Sep 2007|05:41am]
12:48 13.09.2007
Kaazing is a new startup in the bay area that just announced itself to the world via the press release "Kaazing and Terracotta Partner to Deliver Advanced Real-Time Web 2.0 Technology":
Kaazing Corporation and Terracotta, Inc. today announced a strategic alliance to deliver the software industry's most scalable and advanced real-time Web 2.0 technology for financial systems, online gaming, online sports and news broadcasting applications. The seamless integration between Kaazing's real-time Rich Internet Application (RIA) solution, Enterprise Comet, and Terracotta's Network Attached Memory software enables Kaazing customers to create and deploy scalable mission-critical real-time Web 2.0 solutions, such as trading system clients, online betting applications, performance monitoring, RFID/GPS tracking systems, and sports and news broadcasting applications.
Jonas Jacobi of Kaazing was at a conference I am attending in Oslo, so I cornered him to find out what this is all about. The video discusses how Kaazing has a GWT-like ability to take Java bytecode and produce Comet-enabled JavaScript that runs cross-browser. Jonas demonstrated a JMS application, written entirely in Java, that runs in the browser itself. They will be showing off an online gaming application in short order.
read more at Ajaxian
SVG on IE via Silverlight via XSLT
[17 Sep 2007|05:41am]
14:15 13.09.2007
Sam Ruby has done it again, this time taking Toine de Greef's work and making it better. Now your SVG can work on IE via Silverlight:
Cool. SVG to Silverlight via XSLT. But, embedding in HTML using comments? I think I can improve upon that.
Demo: Toucan. Rendered using native SVG on recent Gecko, Opera, and Webkit based browsers. Converted to Silverlight and rendered (after a brief delay) using client side XSLT on MSIE browsers with Silverlight.
This technique may also be useful for people who want to embed Silverlight into Webpages, which apparently isn’t so easy to do.
Demo: Raven — currently MSIE/Silverlight only, but clearly the reverse is also possible.
The magic bridge to the XML is in svg2xml.js:
JAVASCRIPT:
if (window.attachEvent) window.attachEvent("onload", function() {
    var xmls = document.getElementsByTagName('xml');
    for (var i = 0; xmls.length > i; i++) {
        var source = xmls[i].XMLDocument.documentElement;

        var script = document.createElement('script');
        script.id = "_svg2xaml_" + i;
        script.type = "text/xaml";
        if (source.nodeName == 'Canvas') {
            // Already XAML: pass it through untouched
            script.text = source.xml;
        } else if (source.nodeName == 'svg') {
            // SVG: transform it to XAML on the client with the svg2xaml.xsl stylesheet
            var svg = new ActiveXObject("Microsoft.XMLDOM");
            svg.async = false;
            svg.loadXML(source.xml);
            var xsl = new ActiveXObject("Microsoft.XMLDOM");
            xsl.async = false;
            xsl.load("svg2xaml.xsl");
            script.text = svg.transformNode(xsl);
        } else {
            continue; // ok, script is never used. So what? Shoot me?
        }
        xmls[i].parentElement.insertBefore(script, xmls[i]);

        // Point a Silverlight object at the XAML script block we just inserted
        var embed = document.createElement('object');
        try {
            embed.type = "application/x-silverlight";
            embed.setAttribute('source', '#' + script.id);
        } catch (err) {
            embed.title = "SVG or Silverlight required";
        }
        embed.width = xmls[i].style.width;
        embed.height = xmls[i].style.height;
        xmls[i].parentElement.insertBefore(embed, xmls[i]);
    }
});
read more at Ajaxian
How to build a cross-browser history management system
[17 Sep 2007|05:41am]
10:44 14.09.2007
History management comes up often, and Bertrand Le Roy of Microsoft has written about his experience building a cross-browser history management system.
Bertrand details his foray into dealing with the browser quirks of IE, Safari, and Opera:
So things are in a pretty grim state currently. It seems like we're going back (pun intended). We used to have a collection of tricks that made possible an implementation of a history manager that worked pretty well in IE, Firefox, Opera and Safari. Now, we only have IE, Firefox and Safari Mac. I just hope this is only temporary and that both Apple and Opera repair their browsers soon.
read more at Ajaxian
The Browser.Next List
[17 Sep 2007|05:41am]
11:16 14.09.2007
Alex has taken his last post on what he wanted to see from IE and gone a little meta, talking about what he wants to see from all of the browsers from an Ajax library author's perspective.
This is a nice list, and after you read it you realise you would be dancing through fields of grass if it ever happened, even though it isn't an insanely ambitious list. If the vendors just did this, we devs would be in a much better state.
Happy Browser.Next
- Event Opacity: Let me tell you how to bubble
- Long-Lived Connections: Two tabs isn't enough
- Expose [DontEnum] To Library Authors: Give library authors this, now
- Fast LiveCollection -> Array Transforms: Fast .toArray will work for now
- Provide A Blessed Cache For Ajax Libraries: CDN for all
- Mutation Events: Let libs know when a change happens
- onLayoutComplete: "after onDomReady, but potentially before all images have finished loading, inform us when the layout and geometry have stabilized."
- HttpOnly cookies: Help us with security
- Bundle Gears: When the open source set of APIs is ready for prime time
- Standardize on the Firebug API’s: Nice debugging for all!
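For the HttpOnly item, an added example (not from Alex's post or from any browser vendor) that shows the flag from the server side: a small parser for Set-Cookie headers and a check that reports cookies served without HttpOnly or Secure, the two attributes that keep a cookie out of reach of page script and off plain-HTTP connections. The names parseSetCookie and auditCookies are hypothetical and the header lines are constructed samples.

```javascript
// Added example, not from Alex's post or any browser vendor. Parses Set-Cookie
// response headers and reports cookies missing the HttpOnly or Secure flag.
// parseSetCookie and auditCookies are hypothetical names; sampleHeaders are
// constructed.

// Parse one Set-Cookie header value into name, value and attributes.
// Attribute names are case-insensitive in the cookie specs, so they are lowercased.
function parseSetCookie(header) {
  var parts = header.split(";");
  var eq = parts[0].indexOf("=");
  var cookie = {
    name: (eq === -1 ? parts[0] : parts[0].slice(0, eq)).trim(),
    value: eq === -1 ? "" : parts[0].slice(eq + 1).trim(),
    httpOnly: false,
    secure: false,
    attrs: {}
  };
  for (var i = 1; i < parts.length; i++) {
    var attr = parts[i].trim();
    if (!attr) continue;
    var at = attr.indexOf("=");
    var key = (at === -1 ? attr : attr.slice(0, at)).trim().toLowerCase();
    var val = at === -1 ? true : attr.slice(at + 1).trim();
    if (key === "httponly") cookie.httpOnly = true;
    else if (key === "secure") cookie.secure = true;
    else cookie.attrs[key] = val;
  }
  return cookie;
}

// Report every cookie that page script could read (no HttpOnly) or that would
// be sent over plain HTTP (no Secure). Returns [{name, problems}] in header order.
function auditCookies(headers) {
  var findings = [];
  for (var i = 0; i < headers.length; i++) {
    var c = parseSetCookie(headers[i]);
    var problems = [];
    if (!c.httpOnly) problems.push("missing HttpOnly: readable through document.cookie");
    if (!c.secure) problems.push("missing Secure: sent over plain HTTP");
    if (problems.length > 0) findings.push({ name: c.name, problems: problems });
  }
  return findings;
}

// Constructed sample headers: one hardened session cookie, one bare session
// cookie, and one long-lived preference cookie.
var sampleHeaders = [
  "JSESSIONID=abc123; Path=/; HttpOnly; Secure",
  "PHPSESSID=def456; Path=/",
  "theme=dark; Path=/; Max-Age=31536000; Secure"
];
```

The check flags every cookie, not just session cookies, because a server cannot tell from the header alone which ones a page later treats as sensitive; narrowing the list is a policy decision for whoever runs the audit.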
read more at Ajaxian
Taking your Web Development skills to the desktop Using Adobe Integrated Runtime
[17 Sep 2007|05:41am]
12:18 14.09.2007
Kevin Hoyt of Adobe gave us a personal tour of how you can take your web development skills to the desktop using the Adobe Integrated Runtime (AIR). The talk was designed for the Ajax developer, with special emphasis on the latest features in the AIR Beta, including:
- File Pickers
- Native Clipboard
- Native Drag and Drop
- Service Monitoring
- Native Windows with Custom Chrome
- Local Database
Kevin walks through these examples as he builds out sample AIR applications.
Go ahead and click here for the presentation from The Ajax Experience.
read more at Ajaxian
The Digg Oracle: Data mining on the client
[17 Sep 2007|05:41am]
13:48 14.09.2007
Brian Shaler noticed that almost a year ago, Digg removed the "search your own Diggs" feature, to the dismay of thousands of Digg users. To explain why the feature had not yet returned, they cited hardware and software solutions as being very complicated and expensive.
Brian decided to re-implement the feature himself using the Digg APIs, and we end up with The Digg Oracle:
Because the dataset is relatively small and user-specific, performing tasks like searching/filtering and sorting can easily be done on the client, using Google Gears. The tool downloads the selected user's entire voting history, indexes the stories in the local DB, then does all the sorting/searching without connecting to Digg's servers.
Here we see an original query, and the application starts to download the user's usage data:
When the data is loaded, searching and filtering the data is extremely fast, even if you use Kevin Rose as your sample :) This is a great non-offline example of using the database and workerpool components.
read more at Ajaxian
JSONRequest Extension for Firefox
[17 Sep 2007|05:41am]
14:49 14.09.2007
Collin Jackson has written a JSONRequest extension for Firefox that exposes the JSONRequest communication API to web pages you visit.
It does this by adding a new window.JSONRequest object to your world.
An example of using this beast is on the main page itself:
JAVASCRIPT:
function request(method, data) {
    var timeout = document.getElementById("timeout").value;
    var url = document.getElementById("url").value;
    var requestNumber;
    // `done` is the completion callback defined elsewhere on the extension's page;
    // JSONRequest calls it when the request finishes or times out.
    if (timeout != "") {
        if (method == "get") {
            requestNumber = JSONRequest.get(url, done, timeout);
        } else if (method == "post") {
            requestNumber = JSONRequest.post(url, data, done, timeout);
        }
    } else {
        if (method == "get") {
            requestNumber = JSONRequest.get(url, done);
        } else if (method == "post") {
            requestNumber = JSONRequest.post(url, data, done);
        }
    }
    document.getElementById('results').innerHTML +=
        "Sending request " + requestNumber + "...<br />";
}
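The snippet above references a done callback that it does not define. As an added example, not from the extension or its page, here is one written against the JSONRequest proposal's callback signature done(requestNumber, value, exception) (an assumption about the extension, taken from the proposal rather than from this page), which validates the decoded value against the shape the page expects before using it and inserts the result as text rather than markup. handleDone and isExpectedShape are hypothetical names; the sample responses in the test are constructed.

```javascript
// Added example (not from the JSONRequest extension): a `done` callback for
// request() above. Assumption, taken from the JSONRequest proposal: the
// extension calls done(requestNumber, value, exception), with `value` the
// decoded JSON on success and `exception` an error object on failure.

// Accept only the object shape this page expects: {status: string, items: string[]}.
// Everything else, including arrays and null, is treated as an unexpected response.
function isExpectedShape(value) {
  if (value === null || typeof value !== "object" || Array.isArray(value)) return false;
  if (typeof value.status !== "string" || !Array.isArray(value.items)) return false;
  for (var i = 0; i < value.items.length; i++) {
    if (typeof value.items[i] !== "string") return false;
  }
  return true;
}

// Builds the status line for a completed request. Returned as a plain string so
// it can be checked without a DOM; no markup is generated from response data.
function handleDone(requestNumber, value, exception) {
  if (exception) {
    var reason = exception.message || exception.name || String(exception);
    return "Request " + requestNumber + " failed: " + reason;
  }
  if (!isExpectedShape(value)) {
    return "Request " + requestNumber + " returned an unexpected shape; ignored";
  }
  return "Request " + requestNumber + " returned " + value.items.length +
    " item(s): " + value.items.join(", ");
}

// The callback handed to JSONRequest.get/post. Response text goes into the page
// as a text node, so nothing in the JSON can be interpreted as HTML.
function done(requestNumber, value, exception) {
  var line = handleDone(requestNumber, value, exception);
  if (typeof document !== "undefined") {
    var results = document.getElementById("results");
    var div = document.createElement("div");
    div.appendChild(document.createTextNode(line));
    results.appendChild(div);
  }
  return line;
}
```

JSONRequest already refuses anything that is not strict JSON, so the remaining job on the client is to check that the decoded value has the shape the page was written for, and to keep response data out of innerHTML; createTextNode does the latter without any escaping logic.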
read more at Ajaxian
Plugging in to the Dojo Grid
[17 Sep 2007|05:41am]
05:26 17.09.2007
Dylan says that the single most asked question with the Dojo 0.9 release has been, “Where’s the grid widget?”.
The question is now answered with the announcement that SitePen, Mozilla Foundation, Nexaweb Technologies, Redfin, & SnapLogic Announce Open Source Contribution of TurboAjax Group’s High-Performance Grid Widget to Dojo Foundation.
Wow, that is a lot of people coming together. Fantastic.
You may remember the TurboAjax Grid, which works on Dojo 0.4. This new version will build on that work and will include support for Dijit and all of the great features Dijit offers (CSS theming, a11y, i18n, dojo.data, etc.).
read more at Ajaxian